Martin,

The only other systems I have running IPA are on another network. I could take their CS.cfg file and try to modify it to fit what this one should have had, but that's my only option.


On the up side, this is a relatively small network, and reinstating the users and hosts won't be an enormous task. Big, but not enormous. And I should have had a backup, especially knowing there was a scheduled power outage coming up. Because those are always problem-free.... ;-)


Bret

On 01/27/2014 04:14 AM, Martin Kosek wrote:
On 01/27/2014 01:51 AM, Bret Wortman wrote:
We had to reboot the IPA server on a standalone network recently, and this IPA 
server is the only one on that network; there are no replicas. Upon restarting, 
the IPA software refused to start because, after a couple hours of tracking 
things down, our /etc/pki-ca/CS.cfg file is zero-length.

How can I most easily restore this file given that I doubt we have a backup 
(our bad)? Is there a way to basically reinstall the server without losing the 
data in the database? Our users and host definitions, anyway?

Thanks!


Bret
Hello Bret,

Sorry to hear that. It looks like something (PKI?) was writing to the CS.cfg
while the IPA server restarted. What version of IPA and PKI are we talking 
about?

Do you have any other PKI server with CA you can use as a source of the CS.cfg
file or as a replica to reinstall the IPA server with CA from (in the worst 
case)?

I am adding PKI developers to the CC to advise.

Martin


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to